Aggregator

The Medusa Ransomware Group experienced significant operational security (OPSEC) failure, which was primarily due to the group’s use of Rclone, a widely utilized tool for data exfiltration, to store stolen data in the cloud storage service put.io.  The key issue arose from a misconfigured Rclone configuration file, which contained access tokens and other credentials, inadvertently […]

The post Researchers Hacked into Medusa Ransomware Group’s Cloud Storage appeared first on Cyber Security News.

Cybercriminals have launched a smishing campaign targeting iPhone users in India, impersonating India Post. Malicious iMessages falsely claim a package awaits at an India Post warehouse, enticing victims to click on fraudulent links.  It leverages the widespread trust in India Post and the popularity of iPhones to deceive users into compromising their devices and potentially […]

The post iPhone Users Beware! Fake Postal Messages Stealing Your Login Credentials appeared first on Cyber Security News.

Hackers use phishing emails to mislead recipients into providing personal data like usernames, passwords, credit card numbers, or social security numbers. This method exploits human emotions and trust, allowing a threat actor to compromise an account, steal an identity, or disseminate malware with little technical skill. Guardio Labs recently discovered “EchoSpoofing” which is a serious […]

The post Proofpoint’s Email Protection Let Attackers Send Millions Of Phishing Emails appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Hackers prefer ransomware attacks primarily because they offer the highest chance of financial gain. By locking victims’ information systems and asking for payment to release them, ransomware attacks lock victims’ information systems and demand payment to unlock them. Considering such a high level of risk, victims are pushed to make ransom payments as fast as […]

The post Hackers Exploiting ESXi Hypervisor Auth Bypass Flaw For Ransomware Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

复盘历史上最大的 IT 故障

 A threat actor has taken to social media to claim responsibility for hacking into a Microsoft employee’s device. The announcement was made via a Telegram post, accompanied by a video purportedly showing the breach’s aftermath, as per a tweet by ThreatMon, a Cybersecurity Intelligence Platform. Details of the Alleged Breach The threat actor alleges that […]

The post Threat Actor Allegedly Claiming Hack of Microsoft Employee’s Device appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A serious flaw in OpenSSH servers, dubbed “regreSSHion,” affects macOS systems and could allow a remote attacker to execute arbitrary code. A few weeks ago, Qualys’ threat research unit discovered this vulnerability, which has been identified as regreSSHion and tracked as CVE-2024-6387.  It was found that on glibc-based Linux systems, the vulnerability—a signal handler race […]

The post Critical OpenSSH “regreSSHion” Vulnerability Impacted macOS  Systems, Patch Now appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The SocGholish downloader has been in operation since 2017 and it is still evolving. This malware, which poses as a browser update, is favored by multiple threat groups such as the Russian-operated Evil Corp (Manatee Tempest) and the Initial Access Broker TA569 (Mustard Tempest). In recent times, it is seen that the malware now specifically […]

The post SocGholish Malware Attacking Windows Users Using Fake Browser Update appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in SiteOrigin Widgets Bundle up to 1.62.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Image Grid Widget. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-5901. The attack can be launched remotely. There is no exploit available.

As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management (RMM) tools for system administration.  However, like any new technology, RMM tools can also be used maliciously. Threat actors can establish connections to a victim's device and run commands, exfiltrate data, and stay

A vulnerability was found in SiberianCMS 5.0.8. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-41702. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Priority PRI WEB Portal Add-On for ERP on Prem and classified as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-41696. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Cybonet PineApp Mail Relay and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-41694. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in AccuPOS. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-41701. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Неожиданные источники данных для ИИ охватывают контент от YouTube до математических форумов.

A vulnerability, which was classified as critical, has been found in Cybonet PineApp Mail Relay. Affected by this issue is some unknown functionality. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-41695. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

In March 2024, a new variant of the AcidRain wiper malware dubbed “AcidPour” was noticed. It targets Linux data storage devices and permanently erases data from the targeted systems, making them inoperative. It targets crucial sectors of Linux devices such as SCSI SATA, Memory Technology Devices (MTD), MultiMediaCard Storage, DMSETUP, and Unsorted Block Image devices, […]

The post AcidPour Malware Attacking Linux Data Storage Devices To Wipe Out Data appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Auto manufacturers are just starting to realize the problems of supporting the software in older models:

Today’s phones are able to receive updates six to eight years after their purchase date. Samsung and Google provide Android OS updates and security updates for seven years. Apple halts servicing products seven years after they stop selling them.

That might not cut it in the auto world, where the average age of cars on US roads is only going up. A recent report found that cars and trucks just reached a new record average age of 12.6 years, up two months from 2023. That means the car software hitting the road today needs to work­—and maybe even improve—­beyond 2036. The average length of smartphone ownership is just ...

The post Providing Security Updates to Automobile Software appeared first on Security Boulevard.

Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted by the campaigns include Italy and Romania, according to cybersecurity firm ESET. "Attackers used previously

Progress Software has disclosed a new high-severity vulnerability in its MOVEit Transfer file transfer solution that could allow attackers to escalate privileges through improper authentication. The vulnerability, tracked as CVE-2024-6576 with a CVSS score of 7.3, affects the SFTP module of MOVEit Transfer. The security flaw impacts multiple versions of MOVEit Transfer, including: According to […]

The post New MOVEit File Transfer Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.